Vulnerability Description
Applications in cf-release before 245 can be configured and pushed with a user-provided custom buildpack using a URL pointing to the buildpack. Although it is not recommended, a user can specify a credential in the URL (basic auth or OAuth) to access the buildpack through the CLI. For example, the user could include a GitHub username and password in the URL to access a private repo. Because the URL to access the buildpack is stored unencrypted, an operator with privileged access to the Cloud Controller database could view these credentials.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cloudfoundry | Cf-Release | < 245 |
| Pivotal Software | Cloud Foundry Elastic Runtime | < 1.6.49 |
Related Weaknesses (CWE)
References
- https://pivotal.io/security/cve-2016-6658Vendor Advisory
- https://pivotal.io/security/cve-2016-6658Vendor Advisory
FAQ
What is CVE-2016-6658?
CVE-2016-6658 is a vulnerability with a CVSS score of 9.6 (CRITICAL). Applications in cf-release before 245 can be configured and pushed with a user-provided custom buildpack using a URL pointing to the buildpack. Although it is not recommended, a user can specify a cre...
How severe is CVE-2016-6658?
CVE-2016-6658 has been rated CRITICAL with a CVSS base score of 9.6/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2016-6658?
Check the references section above for vendor advisories and patch information. Affected products include: Cloudfoundry Cf-Release, Pivotal Software Cloud Foundry Elastic Runtime.